CenturyLink Leverages ThreatConnect for Managed Security Services, Analytics
CenturyLink’s managed security services will now leverage ThreatConnect, a threat intelligence-based security platform that taps into SAP HANA, the two companies say. The result: CenturyLink thinks it can offer customers a data-driven set of tools to improve detection, protection and remediation services.
CenturyLink’s security service is tailored to help customers to identify, block and mitigate security threats through security log monitoring, incident management and response support services. Now with ThreatConnect in tow, the telecom said it can supply an integrated solution that fits with its customers’ new or existing threat management and security operations functions.
In touting the agreement, ThreatConnect CEO Adam Vincent said that its “MSSP program is a force multiplier that organizations like CenturyLink can leverage to offer threat detection and response, customized processes or any of a number of premium services to clients.”
ThreatConnect Links With Telco MSSPs
Earlier this year, ThreatConnect struck a similar arrangement with BT, a provider of communications services and solutions, to mesh the ThreatConnect platform into BT’s Security Threat Intelligence service.
In that deal, apparently similar to the CenturyLink pact, BT said ThreatConnect’s analytics technology would strengthen its knowledge, threat intelligence, and advisory services.
Last February, ThreatConnect rolled out four new products aimed at organizations launching a maiden threat intelligence program or those looking to expand.
The modules include TC Identify for threat detection, TC Manage for process orchestration and management, TC Analyze for threat intelligence, and TC Complete, a security operations and analytics platform, all built on the ThreatConnect platform.
ThreatConnect In the Global Cybersecurity Spotlight
ThreatConnect has an interesting backstory related to alleged wide-scale Russian cyber hacking.
In September, 2016, the security provider posted a blog detailing alleged phishing attempts against individuals contributing to Bellingcat, a citizen journalism website, and its founder Eliot Higgins.
According to ThreatConnect, the phishing targets were apparently researching Russian involvement in the July 17, 2014 downing of Malaysia Airlines Flight 17. ThreatConnect attributed these intrusion attempts to Fancy Bear, a cyber espionage group said to have connections to the Russian government, the blog said.
Fast forward to last month when a new report from Citizen Lab described a Russian-tied phishing and disinformation cyber spying campaign in which documents were stolen from a prominent journalist and critic of the Russian government, altered for propaganda purposes and then “leaked” to discredit domestic and foreign detractors.
In this instance, the targets include high profile individuals from at least 39 countries (including members of 28 governments), as well as the United Nations and NATO, the report said.
ThreatConnect’s tie-in is that it first discovered that malicious links embedded in the disinformation campaign’s phishing emails were configured to redirect the targets to addresses hosted on a URL shortening service that circuitously fed back to the Russian email service Yandex.
While telcos aren’t necessarily looking to entangle themselves in geopolitical debates, they’re certainly looking to bolster their managed security services for customers.